Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/848B7C827600EB0903D3D36F5E0B43264D8D30A33D7C3FBE6B9E843FAE2E0F55/0/323830333a613439303a3a2f33322d3332203d3e20323732383138.roa
File:                     323830333a613439303a3a2f33322d3332203d3e20323732383138.roa (raw, json)
Hash identifier:          fQlHHOAmVvXEMKJlHw+u2gB5z/dHXmqzGdUUfecW6eQ=
Subject key identifier:   FF:14:7A:CE:72:72:58:A8:E4:EE:14:62:77:69:C4:8D:7B:DC:9A:35
Certificate issuer:       /CN=6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0
Certificate serial:       7D0BEDB5288ECF59EDA769662B5B026B4F054A94
Authority key identifier: 6C:DB:97:C4:10:02:8B:5C:8A:FF:4E:3D:F7:96:0E:DB:73:30:E7:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/848B7C827600EB0903D3D36F5E0B43264D8D30A33D7C3FBE6B9E843FAE2E0F55/0/323830333a613439303a3a2f33322d3332203d3e20323732383138.roa
Signing time:             Tue 04 Feb 2025 18:49:13 +0000
ROA not before:           Tue 04 Feb 2025 18:44:13 +0000
ROA not after:            Tue 03 Feb 2026 18:49:13 +0000
asID:                     272818
IP address blocks:        2803:a490::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/848B7C827600EB0903D3D36F5E0B43264D8D30A33D7C3FBE6B9E843FAE2E0F55/0/6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/848B7C827600EB0903D3D36F5E0B43264D8D30A33D7C3FBE6B9E843FAE2E0F55/0/6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:0b:ed:b5:28:8e:cf:59:ed:a7:69:66:2b:5b:02:6b:4f:05:4a:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0
        Validity
            Not Before: Feb  4 18:44:13 2025 GMT
            Not After : Feb  3 18:49:13 2026 GMT
        Subject: CN=FF147ACE727258A8E4EE14627769C48D7BDC9A35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:32:b0:5e:69:9c:25:07:da:53:c6:06:f7:f7:
                    7e:4a:da:4f:f4:01:6b:a6:44:84:de:a1:6b:32:2f:
                    4d:b5:5b:5d:e9:36:68:bd:2f:51:9c:d7:c2:77:ae:
                    79:e2:4a:14:70:9e:38:8b:a4:c3:b2:27:3a:69:66:
                    ce:5d:a6:61:f1:87:4f:05:36:5c:52:89:5e:20:30:
                    44:70:d4:be:6c:21:8b:db:39:a6:90:1b:93:e8:c2:
                    b6:30:14:5b:c6:18:b3:5c:9c:9b:52:6c:d6:e2:cd:
                    6d:c8:ea:17:43:6f:23:5c:ca:a0:11:7a:7e:96:cd:
                    87:b0:76:a8:67:14:f9:d7:39:81:de:d6:9e:1e:52:
                    8a:0a:9d:95:07:17:8f:81:fd:3d:a0:d1:13:94:dd:
                    c6:5e:65:74:fe:68:f1:a6:da:64:67:bc:3a:78:d2:
                    ca:0c:f8:18:40:c1:ad:42:9b:89:08:8e:a5:55:3f:
                    f5:89:3d:3d:ff:a3:df:1c:64:f8:95:a9:48:a5:57:
                    67:b0:f7:c7:bc:53:47:7d:95:af:d1:8b:fe:56:78:
                    36:e0:ad:91:9a:bb:f5:84:69:85:41:6e:2a:95:a7:
                    28:1d:e3:c0:0d:73:91:b2:9e:dc:53:94:13:3e:b1:
                    a0:e6:ed:35:c8:68:51:56:c9:fb:ce:25:92:23:c5:
                    d1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:14:7A:CE:72:72:58:A8:E4:EE:14:62:77:69:C4:8D:7B:DC:9A:35
            X509v3 Authority Key Identifier:
                keyid:6C:DB:97:C4:10:02:8B:5C:8A:FF:4E:3D:F7:96:0E:DB:73:30:E7:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/848B7C827600EB0903D3D36F5E0B43264D8D30A33D7C3FBE6B9E843FAE2E0F55/0/6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6CDB97C410028B5C8AFF4E3DF7960EDB7330E7D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/848B7C827600EB0903D3D36F5E0B43264D8D30A33D7C3FBE6B9E843FAE2E0F55/0/323830333a613439303a3a2f33322d3332203d3e20323732383138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:a490::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:d1:3a:b2:83:b8:9e:ed:b6:37:43:3f:8f:de:3a:34:c2:30:
         e6:17:6b:1f:71:70:fa:ed:fd:4f:16:4f:e4:d3:04:a1:95:1e:
         64:8a:58:24:8a:8b:ca:e7:85:98:8b:f4:59:15:03:57:03:c7:
         f1:58:63:04:f1:7a:ed:0c:de:2b:a3:40:0f:39:0f:4d:cf:03:
         d5:00:38:e2:7a:25:08:f8:a0:12:55:95:ea:2f:3d:b5:23:75:
         ec:30:3e:da:3f:45:d3:1f:bb:eb:10:ad:a6:ec:9c:69:04:2d:
         7d:72:f0:bb:a6:00:82:9a:eb:af:3f:6f:2e:79:79:a7:02:55:
         a7:5b:ed:5c:fc:98:b5:9c:96:bd:21:4e:f4:e0:3d:6f:99:34:
         50:7c:d6:b1:0c:55:c2:7a:bd:40:5b:06:84:52:90:66:75:51:
         3d:8f:0c:20:45:67:45:83:41:ec:0f:1f:fa:f3:cf:0b:72:ff:
         77:4d:08:3d:3f:05:91:2e:d0:f0:f0:78:dc:df:62:e8:eb:21:
         4e:d5:65:d9:cf:54:2d:ce:3c:82:bf:37:cc:fb:e9:dd:c9:37:
         e9:04:51:88:44:46:b8:c4:77:07:92:bd:9e:e9:59:38:bc:da:
         2b:2e:17:7a:95:04:7b:ea:00:ab:2a:27:3c:a2:0d:65:d7:42:
         6c:eb:2c:ad
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUfQvttSiOz1ntp2lmK1sCa08FSpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkNEQjk3QzQxMDAyOEI1QzhBRkY0RTNERjc5NjBFREI3
MzMwRTdEMDAeFw0yNTAyMDQxODQ0MTNaFw0yNjAyMDMxODQ5MTNaMDMxMTAvBgNV
BAMTKEZGMTQ3QUNFNzI3MjU4QThFNEVFMTQ2Mjc3NjlDNDhEN0JEQzlBMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZMrBeaZwlB9pTxgb3935K2k/0
AWumRITeoWsyL021W13pNmi9L1Gc18J3rnniShRwnjiLpMOyJzppZs5dpmHxh08F
NlxSiV4gMERw1L5sIYvbOaaQG5PowrYwFFvGGLNcnJtSbNbizW3I6hdDbyNcyqAR
en6WzYewdqhnFPnXOYHe1p4eUooKnZUHF4+B/T2g0ROU3cZeZXT+aPGm2mRnvDp4
0soM+BhAwa1Cm4kIjqVVP/WJPT3/o98cZPiVqUilV2ew98e8U0d9la/Ri/5WeDbg
rZGau/WEaYVBbiqVpygd48ANc5GyntxTlBM+saDm7TXIaFFWyfvOJZIjxdGtAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQU/xR6znJyWKjk7hRid2nEjXvcmjUwHwYDVR0j
BBgwFoAUbNuXxBACi1yK/04995YO23Mw59AwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NDhCN0M4Mjc2MDBFQjA5MDNEM0QzNkY1RTBCNDMyNjRE
OEQzMEEzM0Q3QzNGQkU2QjlFODQzRkFFMkUwRjU1LzAvNkNEQjk3QzQxMDAyOEI1
QzhBRkY0RTNERjc5NjBFREI3MzMwRTdEMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82Q0RCOTdDNDEwMDI4QjVDOEFG
RjRFM0RGNzk2MEVEQjczMzBFN0QwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODQ4QjdDODI3NjAwRUIwOTAzRDNEMzZGNUUwQjQzMjY0RDhEMzBBMzNE
N0MzRkJFNkI5RTg0M0ZBRTJFMEY1NS8wLzMyMzgzMDMzM2E2MTM0MzkzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzczMjM4MzEzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDpJAw
DQYJKoZIhvcNAQELBQADggEBAAjROrKDuJ7ttjdDP4/eOjTCMOYXax9xcPrt/U8W
T+TTBKGVHmSKWCSKi8rnhZiL9FkVA1cDx/FYYwTxeu0M3iujQA85D03PA9UAOOJ6
JQj4oBJVleovPbUjdewwPto/RdMfu+sQrabsnGkELX1y8LumAIKa668/by55eacC
Vadb7Vz8mLWclr0hTvTgPW+ZNFB81rEMVcJ6vUBbBoRSkGZ1UT2PDCBFZ0WDQewP
H/rzzwty/3dNCD0/BZEu0PDweNzfYujrIU7VZdnPVC3OPIK/N8z76d3JN+kEUYhE
RrjEdweSvZ7pWTi82isuF3qVBHvqAKsqJzyiDWXXQmzrLK0=
-----END CERTIFICATE-----
Generated at Sat Feb 15 00:45:26 2025 by rpki-client